Click Ok
Click Ok
Click Ok
Click Ok
Name: tunnelAB-localnet
Add lannet and fwC-net to the Group members
Click Ok
Click Ok
General:
Name: fwABC-psk
Shared Secret:
Click Ok.
Name: ipsectunnelAB
Local Network: tunnelAB-localnet
Remote Network: fwB-net
Remote Endpoint: fwB
Encapsulation Mode: Tunnel
Algorithms:
Authentication:
Enable Pre-Shared Key and select fwABC-psk from the dropdown list.
Click Ok.
Name: ipsectunnelAC
Local Network: tunnelAC-localnet
Remote Network: fwC-net
Remote Endpoint: fwC
Encapsulation Mode: Tunnel
Algorithms:
Authentication:
Enable Pre-Shared Key and select fwABC-psk from the dropdown list.
Click Ok.
4. Firewall A – Rules
Go to Rules -> IP Rules.
General:
Name: allow_all
Action: Allow
Service: all_services
Address Filter:
Click Ok.
General:
Name: allow_all
Action: Allow
Service: all_services
Address Filter:
Click Ok.
General:
Name: allow_all
Action: Allow
Service: all_services
Address Filter:
Source Interface: ipsectunnelAB
Source Network: fwB-net
Destination Interface: lan
Destination Network: lannet
Click Ok.
General:
Name: allow_all
Action: Allow
Service: all_services
Address Filter:
Source Interface: ipsectunnelAB
Source Network: fwB-net
Destination Interface: ipsectunnelAC
Destination Network: fwC-net
Click Ok.
Address Filter:
Source Interface: ipsectunnelAC
Source Network: fwC-net
Destination Interface: lan
Destination Network: lannet
Click Ok.
General:
Name: allow_all
Action: Allow
Service: all_services
Address Filter:
Source Interface: lan
Source Network: lannet
Destination Interface: ipsectunnelAC
Destination Network: fwC-net
Click Ok.
5. Firewall B – Addresses
Go to Objects -> Address book -> InterfaceAddresses.
Edit the following items:
Change lan_ip to 192.168.1.1
Change lannet to 192.168.1.0/24
Click Ok
Click Ok
Click Ok
Name: ipsectunnelBA
Local Network: lannet
Remote Network: fwB-remotenets
Remote Endpoint: fwA
Encapsulation Mode: Tunnel
Algorithms:
Authentication:
Enable Pre-Shared Key and select fwABC-psk from the dropdown list.
Click Ok.
8. Firewall B – Rules
Go to Rules -> IP Rules.
General:
Name: allow_all
Action: Allow
Service: all_services
Address Filter:
Click Ok.
General:
Name: allow_all
Action: Allow
Service: all_services
Address Filter:
Click Ok.
9. Firewall C – Addresses
Go to Objects -> Address book -> InterfaceAddresses.
Edit the following items:
Change lan_ip to 192.168.2.1
Change lannet to 192.168.2.0/24
Click Ok
Click Ok
Click Ok
Click Ok
10. Firewall C – Pre-shared keys
Follow the instructions in step 2 to add a pre-shared key called fwABC-psk to firewall C.
The passphrase has to be the same as the passphrase on firewall A.
General:
Name: ipsectunnelCA
Local Network: lannet
Remote Network: fwC-remotenets
Remote Endpoint: fwA
Encapsulation Mode: Tunnel
Algorithms:
Authentication:
Enable Pre-Shared Key and select fwABC-psk from the dropdown list.
Click Ok.
General:
Name: allow_all
Action: Allow
Service: all_services
Address Filter:
Source Interface: lan
Source Network: lannet
Destination Interface: ipsectunnelCA
Destination Network: fwC-remotenets
Click Ok.
General:
Name: allow_all
Action: Allow
Service: all_services
Address Filter:
Source Interface: ipsectunnelCA
Source Network: fwC-remotenets
Destination Interface: lan
Destination Network: lannet
Click Ok.
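
For spoke-to-spoke traffic to pass through firewall A, each tunnel's Local Network on one firewall has to match the Remote Network on its peer, and the three LANs must not overlap. The check below is an added example, not part of the original guide; the hub LAN 192.168.0.0/24 and the members of tunnelAC-localnet, fwB-remotenets and fwC-remotenets are assumptions, since the steps above do not list them.

```python
from ipaddress import ip_network
from itertools import combinations

# LAN per firewall. B and C are the values set in the steps above;
# the hub LAN (A) is an assumed value for illustration.
LAN = {
    "A": ip_network("192.168.0.0/24"),  # assumption
    "B": ip_network("192.168.1.0/24"),
    "C": ip_network("192.168.2.0/24"),
}

def selectors(local, remote):
    """Build a tunnel's local/remote network sets from site letters."""
    return {"local": {LAN[n] for n in local}, "remote": {LAN[n] for n in remote}}

# (owner, peer) -> traffic selectors. Group memberships other than
# tunnelAB-localnet (lannet + fwC-net) are assumed to follow the same pattern.
TUNNELS = {
    ("A", "B"): selectors("AC", "B"),  # ipsectunnelAB
    ("A", "C"): selectors("AB", "C"),  # ipsectunnelAC
    ("B", "A"): selectors("B", "AC"),  # ipsectunnelBA, remote = fwB-remotenets
    ("C", "A"): selectors("C", "AB"),  # ipsectunnelCA, remote = fwC-remotenets
}

def overlapping_lans(lan):
    """Return pairs of sites whose LANs overlap (ambiguous routing over the VPN)."""
    return [(a, b) for a, b in combinations(sorted(lan), 2) if lan[a].overlaps(lan[b])]

def mirror_errors(tunnels):
    """Each end's local selector must equal the peer's remote selector."""
    errors = []
    for (owner, peer), sel in sorted(tunnels.items()):
        other = tunnels.get((peer, owner))
        if other is None:
            errors.append(f"{owner}->{peer}: no tunnel defined on {peer}")
        elif sel["local"] != other["remote"]:
            errors.append(f"{owner}->{peer}: local selector != remote selector on {peer}")
    return errors

def spoke_reachable(src, dst, tunnels, lan, hub="A"):
    """True if src's LAN can reach dst's LAN through the hub's two tunnels."""
    up, down = tunnels[(src, hub)], tunnels[(hub, dst)]
    return (lan[src] in up["local"] and lan[dst] in up["remote"]
            and lan[src] in down["local"] and lan[dst] in down["remote"])

if __name__ == "__main__":
    print(overlapping_lans(LAN), mirror_errors(TUNNELS),
          spoke_reachable("B", "C", TUNNELS, LAN))
```

A mismatch reported by mirror_errors corresponds to a tunnel whose networks were not entered symmetrically on both firewalls, which is the usual reason one spoke cannot reach the other while both can still reach the hub LAN.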